Vigil@nce - Vigil@nce - Drupal OpenID Connect Microsoft Azure Active Directory Client: user access via Profile Information Update, analyzed on 18/11/2021
January 2022 by Vigil@nce
Vigil@nce - An attacker can bypass restrictions of Drupal OpenID Connect Microsoft Azure Active Directory Client, via Profile Information Update, in order to gain user privileges.
Plus d'information sur : https://vigilance.fr/vulnerability/Drupal-OpenID-Connect-Microsoft-Azure-Active-Directory-Client-user-access-via-Profile-Information-Update-36915